package com.vm.filter;

import java.io.IOException;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.vm.common.Var;
import com.vm.entity.User;


/**
 * @Description 管理员的权限
 * */
public class SecurityFilter implements Filter {
	private FilterConfig config;

	public void destroy() {
	}

	@SuppressWarnings("unchecked")
	public void doFilter(ServletRequest servletRequest,
			ServletResponse servletResponse, FilterChain filterChain)
			throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) servletRequest;
		HttpServletResponse response = (HttpServletResponse) servletResponse;

		HttpSession session = request.getSession();
		String path = request.getContextPath();
		String requestUrl = request.getServletPath();
		String str = getUrlPath(requestUrl);
		System.out.println(str);
		List<String> list = new ArrayList<String>();
		list.add("loginAction_index.do");
		list.add("loginAction_exit.do");
		list.add("loginAction_login.do");
		list.add("chartBrowseAction.do");
		list.add("userAction_updatePassword.do");
		boolean flag = isfilterChain(str, list);
		if (flag) {
			filterChain.doFilter(request, response);
		} else {
			User user = (User) session.getAttribute(Var.GIS_ADMINUSER_SESSION_KEY);
			System.out.println(user);
			if (user == null) {
				System.out.println("sssssssss");
				getHtml(response, path + "/loginAction_index.do");
			} else {
				String urlAction = str.substring(str.lastIndexOf("/") + 1,str.indexOf("_"));
				if (user.getGrpUrlMap() != null && !user.isSuperAdmin()) {
					if (user.getGrpUrlMap().get(urlAction)==null) {
						//取消会话
						if(session != null){
							session.invalidate();
							session = null;
						}
						getHtml(response, path + "/loginAction_index.do");
					}else {
						try {
							filterChain.doFilter(request, response);
						} catch (Exception e) {
							e.printStackTrace();
						}
					}
				} else {
					try {
						filterChain.doFilter(request, response);
					} catch (Exception e) {
						e.printStackTrace();
					}
				}
			}
		}
	}

	public void init(FilterConfig arg0) throws ServletException {
		this.config = arg0;
	}

	/**
	 * 返回到顶层的窗口
	 * */
	public void getHtml(HttpServletResponse response, String url) {
		java.io.PrintWriter out;
		try {
			out = response.getWriter();
			out.println("<html>");
			out.println("<script>");
			out.println("window.open ('" + url + "','_top')");
			out.println("</script>");
			out.println("</html>");
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}

	/**
	 * 返回到右侧
	 * **/
	public void openHtml(HttpServletResponse response, String url) {
		java.io.PrintWriter out;
		try {
			out = response.getWriter();
			out.println("<html>");
			out.println("<script>");
			out.println("window.open ('" + url + "','mainFrame')");
			out.println("</script>");
			out.println("</html>");
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}

	/**
	 * 是否可以访问
	 * **/
	public boolean isfilterChain(String url, List<String> str) {

		boolean result = false;
		for (String ss : str) {
			if ("".equals(url) || url.indexOf(ss) != -1) {
				result = true;
				break;
			}
		}
		return result;
	}

	/**
	 * 截取.do 的url
	 * **/
	public String getUrlPath(String url) {
		StringBuilder builder = new StringBuilder();
		if (url.indexOf(".do") != -1) {
			String str = url.substring(0, url.indexOf(".do"));
			builder.append(str);
			builder.append(".do");
		}
		return builder.toString();
	}

}
